Remote work, Data Protection Regulation and leakages highlight companies’ vulnerability.
In recent years, cyber attacks have grabbed the headlines and put businesses and governments around the world on alert. The subject is delicate and not always treated with due transparency – as attacks reveal vulnerabilities – but all the surveys converge in pointing out a substantial increase in the number of occurrences. Recent data from Check Point Software, for example, indicates a global increase of 40% in the average number of attacks per week between 2020 and 2021. In Brazil, one of hackers’ main targets, this increase reaches 62%.
As experts have pointed out, the covid-19 pandemic was one of the main causes of this recent wave of cyber attacks. For individuals, the increase in online presence and the digitization of activities previously done face-to-face have revealed a series of vulnerabilities. As for companies, the sudden transition to home office, with remote solutions that are often outdated, made the criminals’ work easier.
Ransomware attacks have been the most discussed, both because of the growth of cases and the evolution of hacking techniques, which are increasingly sophisticated. In this form of attack, cybercriminals are able to access and encrypt critical company data, requesting a “rescue” so that the organization regains control of the system and confidential information is not leaked.
Ransomware cases stand out for the ingenuity of the hacking and extortion tactics used by criminals. It is worth noting, however, that there are different types of cyberattacks (almost always based on exploiting flaws combined with social engineering techniques), and that every company has some vulnerability degree. Anyone who thinks that only large corporations and governments are targets of attacks is wrong. Last year, incidents involving small businesses were also registered, causing financial losses and reputational damage for organizations with few resources to recover from such shocks.
To protect themselves from attacks, in addition to traditional measures (such as having a detailed security plan, maintaining good “cyber hygiene” practices and relying on experts), companies have also sought the so-called “cyber insurance”. The goal is to avoid damage caused by attacks that, despite the care, could not be avoided. Data leakage, for example, is one of the main concerns of organizations seeking this type of policy. In Brazil, this demand is further accentuated by the recent entry into force of the General Data Protection Law (LGPD), which led to an unprecedented degree of concern with sensitive information, as well as by the leakages that have been registered.
Cyber insurance helps cover the costs of a crisis caused by cyber crimes, guaranteeing property risks and civil liability. The coverage, depending on the contracting clauses, can ensure payment of data rescue in cases of extortion, expenses to contain data leakage, cyber defense costs, civil convictions and administrative fines applied to third parties, among other losses.
Given the dynamic nature of the digital environment, it is important to have specialized brokers who know the subject and understand the needs of each company, according to its size, sector and specific vulnerabilities.
Pryor Global offers cyber insurance with broad coverage in case of leakage of data stored by the company and guarantee of payment of fines to third parties, as required by the new legislation. Talk to one of our specialists to learn more about this type of insurance and find out how we can help your company.